public inbox for linux-cve-announce@vger.kernel.org

public inbox for linux-cve-announce@vger.kernel.org
 help / color / mirror / Atom feed
- recent:[subjects (threaded)|topics (new)|topics (active)]

2026-03-29 12:55 CVE-2026-23400: rust_binder: call set_notification_done() without proc lock
2026-03-28  7:16 CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path
2026-03-26 10:22 CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation()
2026-03-26 10:22 CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints
2026-03-26 10:22 CVE-2026-23396: wifi: mac80211: fix NULL deref in mesh_matches_local()
2026-03-25 10:32 CVE-2026-23395: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ
2026-03-25 10:32 CVE-2026-23394: af_unix: Give up GC if MSG_PEEK intervened.
2026-03-25 10:32 CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion
2026-03-25 10:32 CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error
2026-03-25 10:32 CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal
2026-03-25 10:28 CVE-2026-23390: tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow
2026-03-25 10:28 CVE-2026-23389: ice: Fix memory leak in ice_set_ringparam()
2026-03-25 10:28 CVE-2026-23388: Squashfs: check metadata block offset is within range
2026-03-25 10:28 CVE-2026-23387: pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe()
2026-03-25 10:28 CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL
2026-03-25 10:28 CVE-2026-23385: netfilter: nf_tables: clone set on flush only
2026-03-25 10:28 CVE-2026-23384: RDMA/ionic: Fix kernel stack leak in ionic_create_cq()
2026-03-25 10:28 CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing
2026-03-25 10:28 CVE-2026-23382: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them
2026-03-25 10:28 CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled
2026-03-25 10:28 CVE-2026-23380: tracing: Fix WARN_ON in tracing_buffers_mmap_close
2026-03-25 10:28 CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path
2026-03-25 10:28 CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior
2026-03-25 10:28 CVE-2026-23377: ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz
2026-03-25 10:28 CVE-2026-23376: nvmet-fcloop: Check remoteport port_state before calling done callback
2026-03-25 10:27 CVE-2026-23375: mm: thp: deny THP for files on anonymous inodes
2026-03-25 10:27 CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context
2026-03-25 10:27 CVE-2026-23373: wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config
2026-03-25 10:27 CVE-2026-23372: nfc: rawsock: cancel tx_work before socket teardown
2026-03-25 10:27 CVE-2026-23371: sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting
2026-03-25 10:27 CVE-2026-23370: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
2026-03-25 10:27 CVE-2026-23369: i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock"
2026-03-25 10:27 CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock
2026-03-25 10:27 CVE-2026-23367: wifi: radiotap: reject radiotap with unknown bits
2026-03-25 10:27 CVE-2026-23366: drm/client: Do not destroy NULL modes
2026-03-25 10:27 CVE-2026-23365: net: usb: kalmia: validate USB endpoints
2026-03-25 10:27 CVE-2026-23364: ksmbd: Compare MACs in constant time
2026-03-25 10:27 CVE-2026-23363: wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211()
2026-03-25 10:27 CVE-2026-23362: can: bcm: fix locking for bcm_op runtime updates
2026-03-25 10:27 CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry
2026-03-25 10:27 CVE-2026-23360: nvme: fix admin queue leak on controller reset
2026-03-25 10:27 CVE-2026-23359: bpf: Fix stack-out-of-bounds write in devmap
2026-03-25 10:27 CVE-2026-23358: drm/amdgpu: Fix error handling in slot reset
2026-03-25 10:27 CVE-2026-23357: can: mcp251x: fix deadlock in error path of mcp251x_open
2026-03-25 10:27 CVE-2026-23356: drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()
2026-03-25 10:27 CVE-2026-23355: ata: libata: cancel pending work after clearing deferred_qc
2026-03-25 10:27 CVE-2026-23354: x86/fred: Correct speculative safety in fred_extint()
2026-03-25 10:27 CVE-2026-23353: ice: fix crash in ethtool offline loopback test
2026-03-25 10:27 CVE-2026-23352: x86/efi: defer freeing of boot services memory
2026-03-25 10:27 CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase
2026-03-25 10:27 CVE-2026-23350: drm/xe/queue: Call fini on exec queue creation fail
2026-03-25 10:27 CVE-2026-23349: HID: pidff: Fix condition effect bit clearing
2026-03-25 10:27 CVE-2026-23348: cxl: Fix race of nvdimm_bus object when creating nvdimm objects
2026-03-25 10:27 CVE-2026-23347: can: usb: f81604: correctly anchor the urb in the read bulk callback
2026-03-25 10:27 CVE-2026-23346: arm64: io: Extract user memory type in ioremap_prot()
2026-03-25 10:27 CVE-2026-23345: arm64: gcs: Do not set PTE_SHARED on GCS mappings if FEAT_LPA2 is enabled
2026-03-25 10:27 CVE-2026-23344: crypto: ccp - Fix use-after-free on error path
2026-03-25 10:27 CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative
2026-03-25 10:27 CVE-2026-23342: bpf: Fix race in cpumap on PREEMPT_RT
2026-03-25 10:27 CVE-2026-23341: accel/amdxdna: Fix crash when destroying a suspended hardware context
2026-03-25 10:27 CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs
2026-03-25 10:27 CVE-2026-23339: nfc: nci: free skb on nci_transceive early error paths
2026-03-25 10:27 CVE-2026-23338: drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings
2026-03-25 10:27 CVE-2026-23337: pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config()
2026-03-25 10:27 CVE-2026-23336: wifi: cfg80211: cancel rfkill_block work in wiphy_unregister()
2026-03-25 10:27 CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()
2026-03-25 10:27 CVE-2026-23334: can: usb: f81604: handle short interrupt urb messages properly
2026-03-25 10:27 CVE-2026-23333: netfilter: nft_set_rbtree: validate open interval overlap
2026-03-25 10:27 CVE-2026-23332: cpufreq: intel_pstate: Fix crash during turbo disable
2026-03-25 10:27 CVE-2026-23331: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected.
2026-03-25 10:27 CVE-2026-23330: nfc: nci: complete pending data exchange on device close
2026-03-25 10:27 CVE-2026-23329: libie: don't unroll if fwlog isn't supported
2026-03-25 10:27 CVE-2026-23328: accel/amdxdna: Fix NULL pointer dereference of mgmt_chann
2026-03-25 10:27 CVE-2026-23327: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()
2026-03-25 10:27 CVE-2026-23326: xsk: Fix fragment node deletion to prevent buffer leak
2026-03-25 10:27 CVE-2026-23325: wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()
2026-03-25 10:27 CVE-2026-23324: can: usb: etas_es58x: correctly anchor the urb in the read bulk callback
2026-03-25 10:27 CVE-2026-23323: hwmon: (macsmc) Fix regressions in Apple Silicon SMC hwmon driver
2026-03-25 10:27 CVE-2026-23322: ipmi: Fix use-after-free and list corruption on sender error
2026-03-25 10:27 CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used
2026-03-25 10:27 CVE-2026-23320: usb: gadget: f_ncm: align net_device lifecycle with bind/unbind
2026-03-25 10:27 CVE-2026-23319: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim
2026-03-25 10:27 CVE-2026-23318: ALSA: usb-audio: Use correct version for UAC3 header validation
2026-03-25 10:27 CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions
2026-03-25 10:27 CVE-2026-23316: net: ipv4: fix ARM64 alignment fault in multipath hash seed
2026-03-25 10:26 CVE-2026-23315: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()
2026-03-25 10:26 CVE-2026-23314: regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()
2026-03-25 10:26 CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint
2026-03-25 10:26 CVE-2026-23312: net: usb: kaweth: validate USB endpoints
2026-03-25 10:26 CVE-2026-23311: perf/core: Fix invalid wait context in ctx_sched_in()
2026-03-25 10:26 CVE-2026-23310: bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded
2026-03-25 10:26 CVE-2026-23309: tracing: Add NULL pointer check to trigger_data_free()
2026-03-25 10:26 CVE-2026-23308: pinctrl: equilibrium: fix warning trace on load
2026-03-25 10:26 CVE-2026-23307: can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message
2026-03-25 10:26 CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command()
2026-03-25 10:26 CVE-2026-23305: accel/rocket: fix unwinding in error path in rocket_probe
2026-03-25 10:26 CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()
2026-03-25 10:26 CVE-2026-23303: smb: client: Don't log plaintext credentials in cifs_set_cifscreds
2026-03-25 10:26 CVE-2026-23302: net: annotate data-races around sk->sk_{data_ready,write_space}
2026-03-25 10:26 CVE-2026-23301: ASoC: SDCA: Add allocation failure check for Entity name
2026-03-25 10:26 CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop
2026-03-25 10:26 CVE-2026-23299: Bluetooth: purge error queues in socket destructors
2026-03-25 10:26 CVE-2026-23298: can: ucan: Fix infinite loop from zero-length messages
2026-03-25 10:26 CVE-2026-23297: nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit().
2026-03-25 10:26 CVE-2026-23296: scsi: core: Fix refcount leak for tagset_refcnt
2026-03-25 10:26 CVE-2026-23295: accel/amdxdna: Fix dead lock for suspend and resume
2026-03-25 10:26 CVE-2026-23294: bpf: Fix race in devmap on PREEMPT_RT
2026-03-25 10:26 CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled
2026-03-25 10:26 CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file()
2026-03-25 10:26 CVE-2026-23291: nfc: pn533: properly drop the usb interface reference on disconnect
2026-03-25 10:26 CVE-2026-23290: net: usb: pegasus: validate USB endpoints
2026-03-25 10:26 CVE-2026-23289: IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
2026-03-25 10:26 CVE-2026-23288: accel/amdxdna: Fix out-of-bounds memset in command slot handling
2026-03-25 10:26 CVE-2026-23287: irqchip/sifive-plic: Fix frozen interrupt due to affinity setting
2026-03-25 10:26 CVE-2026-23286: atm: lec: fix null-ptr-deref in lec_arp_clear_vccs
2026-03-25 10:26 CVE-2026-23285: drbd: fix null-pointer dereference on local read error
2026-03-25 10:26 CVE-2026-23284: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()
2026-03-25 10:26 CVE-2026-23283: regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read()
2026-03-25 10:26 CVE-2026-23282: smb: client: fix oops due to uninitialised var in smb2_unlink()
2026-03-25 10:26 CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter()
2026-03-25 10:26 CVE-2026-23280: accel/amdxdna: Prevent ubuf size overflow
2026-03-25 10:26 CVE-2026-23279: wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame()
2026-03-25 10:24 CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU
2026-03-24  8:33 REJECTED: CVE-2022-49267: mmc: core: use sysfs_emit() instead of sprintf()
2026-03-23 12:37 REJECTED: CVE-2024-27042: drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()'
2026-03-20  8:13 CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements
2026-03-20  8:13 CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit
2026-03-20  8:13 CVE-2026-23276: net: add xmit recursion limit to tunnel xmit functions
2026-03-20  8:13 CVE-2026-23275: io_uring: ensure ctx->rings is stable for task work flags manipulation
2026-03-20  8:13 CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels
2026-03-20  8:13 CVE-2026-23273: macvlan: observe an RCU grace period in macvlan_common_newlink() error path
2026-03-20  8:13 CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion
2026-03-20  8:13 CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race
2026-03-18 17:54 CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks
2026-03-18 17:54 CVE-2026-23269: apparmor: validate DFA start states are in bounds in unpack_pdb
2026-03-18 17:54 CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management
2026-03-18 17:46 CVE-2026-23267: f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes
2026-03-18 17:44 CVE-2026-23266: fbdev: rivafb: fix divide error in nv3_arb()
2026-03-18 17:44 CVE-2026-23265: f2fs: fix to do sanity check on node footer in {read,write}_end_io
2026-03-18 17:41 CVE-2026-23264: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem"
2026-03-18 17:41 CVE-2026-23263: io_uring/zcrx: fix page array leak
2026-03-18 17:41 CVE-2026-23262: gve: Fix stats report corruption on queue count change
2026-03-18 17:41 CVE-2026-23261: nvme-fc: release admin tagset if init fails
2026-03-18 17:41 CVE-2026-23260: regmap: maple: free entry on mas_store_gfp() failure
2026-03-18 17:41 CVE-2026-23259: io_uring/rw: free potentially allocated iovec on cache put failure
2026-03-18 17:41 CVE-2026-23258: net: liquidio: Initialize netdev pointer before queue setup
2026-03-18 17:41 CVE-2026-23257: net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup
2026-03-18 17:41 CVE-2026-23256: net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup
2026-03-18 17:41 CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype
2026-03-18 17:41 CVE-2026-23254: net: gro: fix outer network offset
2026-03-18 17:41 CVE-2025-71270: LoongArch: Enable exception fixup for specific ADE subcode
2026-03-18 17:41 CVE-2025-71269: btrfs: do not free data reservation in fallback from inline due to -ENOSPC
2026-03-18 17:41 CVE-2025-71268: btrfs: fix reservation leak in some error paths when inserting inline extent
2026-03-18 17:01 CVE-2026-23253: media: dvb-core: fix wrong reinitialization of ringbuffer on reopen
2026-03-18 17:01 CVE-2026-23252: xfs: get rid of the xchk_xfile_*_descr calls
2026-03-18 17:01 CVE-2026-23251: xfs: only call xf{array,blob}_destroy if we have a valid pointer
2026-03-18 17:01 CVE-2026-23250: xfs: check return value of xchk_scrub_create_subord
2026-03-18 17:01 CVE-2026-23249: xfs: check for deleted cursors when revalidating two btrees
2026-03-18 10:05 CVE-2026-23248: perf/core: Fix refcount bug and potential UAF in perf_mmap
2026-03-18 10:05 CVE-2026-23247: tcp: secure_seq: add back ports to TS offset
2026-03-18 10:05 CVE-2026-23246: wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration
2026-03-18 10:05 CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace
2026-03-18 10:05 CVE-2026-23244: nvme: fix memory allocation in nvme_pr_read_keys()
2026-03-18 10:05 CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write
2026-03-18 10:05 CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing
2026-03-18 10:05 CVE-2025-71267: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST
2026-03-18 10:05 CVE-2025-71266: fs: ntfs3: check return value of indx_find to avoid infinite loop
2026-03-18 10:05 CVE-2025-71265: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata
2026-03-17  9:11 CVE-2026-23241: audit: add missing syscalls to read class
2026-03-17  9:11 CVE-2025-71239: audit: add fchmodat2() to change attributes class
2026-03-10 17:28 CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx()
2026-03-10 17:28 CVE-2026-23239: espintcp: Fix race condition in espintcp_close()
2026-03-09 15:51 CVE-2024-14027: xattr: switch to CLASS(fd)
2026-03-04 14:38 CVE-2026-23238: romfs: check sb_set_blocksize() return value
2026-03-04 14:38 CVE-2026-23237: platform/x86: classmate-laptop: Add missing NULL pointer checks
2026-03-04 14:36 CVE-2026-23236: fbdev: smscufx: properly copy ioctl memory to kernelspace
2026-03-04 14:36 CVE-2026-23235: f2fs: fix out-of-bounds access in sysfs attribute read/write
2026-03-04 14:36 CVE-2026-23234: f2fs: fix to avoid UAF in f2fs_write_end_io()
2026-03-04 14:36 CVE-2026-23233: f2fs: fix to avoid mapping wrong physical block for swapfile
2026-03-04 14:36 CVE-2026-23232: Revert "f2fs: block cache/dio write during f2fs_enable_checkpoint()"
2026-03-04 14:36 CVE-2025-71238: scsi: qla2xxx: Fix bsg_done() causing double free
2026-03-04 12:58 CVE-2026-23231: netfilter: nf_tables: fix use-after-free in nf_tables_addchain()
2026-02-26 23:08 REJECTED: CVE-2025-71226: wifi: iwlwifi: Implement settime64 as stub for MVM/MLD PTP
2026-02-26 23:07 REJECTED: CVE-2025-71228: LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED
2026-02-18 14:54 CVE-2026-23230: smb: client: split cached_fid bitfields to avoid shared-byte RMW races
2026-02-18 14:54 CVE-2026-23229: crypto: virtio - Add spinlock protection with virtqueue notification
2026-02-18 14:54 CVE-2026-23228: smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()
2026-02-18 14:54 CVE-2026-23227: drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free
2026-02-18 14:54 CVE-2026-23226: ksmbd: add chann_lock to protect ksmbd_chann_list xarray
2026-02-18 14:54 CVE-2026-23225: sched/mmcid: Don't assume CID is CPU owned on mode switch
2026-02-18 14:54 CVE-2026-23224: erofs: fix UAF issue for file-backed mounts w/ directio option
2026-02-18 14:54 CVE-2026-23223: xfs: fix UAF in xchk_btree_check_block_owner
2026-02-18 14:54 CVE-2026-23220: ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
2026-02-18 14:54 CVE-2025-71237: nilfs2: Fix potential block overflow that cause system hang
2026-02-18 14:54 CVE-2025-71236: scsi: qla2xxx: Validate sp before freeing associated memory
2026-02-18 14:54 CVE-2025-71235: scsi: qla2xxx: Delay module unload while fabric scan in progress
2026-02-18 14:54 CVE-2025-71234: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add
2026-02-18 14:54 CVE-2025-71233: PCI: endpoint: Avoid creating sub-groups asynchronously
2026-02-18 14:54 CVE-2025-71232: scsi: qla2xxx: Free sp in error path to fix system crash
2026-02-18 14:54 CVE-2025-71231: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox